Affinity Gaming warns card data from patrons of 11 casinos in 4 states exposed in cyberattack
LAS VEGAS (AP) — A Las Vegas company that owns casinos in Nevada, Colorado, Iowa and Missouri fell victim to a cyberattack earlier this year, compromising the credit and debit card information of patrons at 11 sites, company officials said Friday.
Affinity Gaming officials said its system is now secure, but it recommended that customers who visited its casinos and hotels between March 14 and Oct. 16 check their card statements for suspicious activity and put a fraud alert on their accounts.
The company was notified Oct. 24 about fraudulent charges that may have been linked to an Affinity casino in Iowa. Affinity said it immediately began an investigation that determined the system used throughout the casino chain was infected by malware.
A notice was posted on the company's website Nov. 14, while Friday's notice was distributed more broadly.
It wasn't clear how many cardholders are affected, but Affinity's lawyer, Jim Prendergast, estimated it was fewer than 300,000.
Affinity Gaming owns five casinos in Nevada: Silver Sevens Hotel & Casino in Las Vegas; Rail City Casino in Sparks; and Buffalo Bill's Resort & Casino, Primm Valley Resort & Casino, and Whiskey Pete's Hotel & Casino, in Primm, near the California state line.
The company also owns Golden Mardi Gras Casino, Golden Gates Casino and Golden Gulch Casino in Black Hawk, Colo.; Lakeside Hotel & Casino in Osceola, Iowa; Mark Twain Casino & RV Park in La Grange, Mo.; and St. Jo Frontier Casino in St. Joseph, Mo.
Prendergast said skimmers that can surreptitiously read debit and credit card data were placed on three gas pumps on an unknown date, and the situation was cleared by Nov. 29.